francoismichel / ssh3

SSH3: faster and rich secure shell using HTTP/3, check out our article here: https://arxiv.org/abs/2312.08396 and our Internet-Draft: https://datatracker.ietf.org/doc/draft-michel-ssh3/
Apache License 2.0

SSH3 known hosts #10

Closed francoismichel closed 10 months ago

francoismichel commented 10 months ago

Add SSH3 known hosts, based on X.509 self-signed certificates.

While we strongly prefer classical certificates, it is sometimes a burden to generate certificates for a host, so we provide support for a mechanism comparable to OpenSSH's host keys.

A self-signed certificate can be generated using the generate_openssl_selfsigned_certificate.sh script. When an SSH3 client connects to a new host, if the certificate is invalid, the client offers the user the option to store the provided certificate so that it is trusted for subsequent connections. If the user accepts, the certificate will be installed in the ~/.ssh3/known_host file.
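
The trust-on-first-use decision described in the comment above, as an added example that is not code from the SSH3 repository. The `<host> <base64 DER>` line format, the function names and the choice to refuse a host whose pinned certificate differs are assumptions, since the page does not describe the layout of the known_host file.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"encoding/base64"
	"fmt"
	"math/big"
	"strings"
)

const Unknown, Trusted, Mismatch = 0, 1, 2 // offer to pin / proceed / refuse

// CheckKnownHost compares the presented DER certificate with the pinned entries (assumed format).
func CheckKnownHost(knownHosts, host string, presented []byte) int {
	verdict := Unknown
	for _, line := range strings.Split(knownHosts, "\n") {
		if f := strings.Fields(line); len(f) == 2 && f[0] == host {
			pinned, err := base64.StdEncoding.DecodeString(f[1])
			if err == nil && bytes.Equal(pinned, presented) {
				return Trusted
			}
			verdict = Mismatch // host is pinned, but to a different certificate
		}
	}
	return verdict
}

// Pin appends an entry for host, as done once the user accepts the prompt.
func Pin(knownHosts, host string, der []byte) string {
	return knownHosts + host + " " + base64.StdEncoding.EncodeToString(der) + "\n"
}

func SelfSigned() []byte { // fresh self-signed certificate (constructed sample input)
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(1)}
	der, err := x509.CreateCertificate(rand.Reader, t, t, pub, key)
	if err != nil {
		panic(err)
	}
	return der
}

func main() {
	a, b := SelfSigned(), SelfSigned()
	fmt.Println(CheckKnownHost(Pin("", "host.example", a), "host.example", b)) // 2 (Mismatch)
}
```

Keeping `Mismatch` distinct from `Unknown` lets a client reserve the "store this certificate?" prompt for hosts it has never seen, so a changed certificate on a pinned host is not silently re-pinned.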